cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
916
Views
0
Helpful
6
Replies

How to tell what ports a server is connected too on a Cisco 3750 or WS-C4948? ARP tables are not showing the this.

Tom
Level 1
Level 1

I would like to find out which Cisco router ports a server is connected too.  I've tried to use sh mac address-table| include <MAC>.  However, the MAC isn't listed.  

cisco01#sh mac address-table | i 8c
38e7.d38c.ab5a DYNAMIC Gi1/0/19
1050.5786.8c53 DYNAMIC Po4
cisco01#
cisco02#sh mac address-table | i 8c
38e7.d38c.ab5a dynamic ip Port-channel4
1050.5786.8c53 dynamic ip GigabitEthernet1/37
cisco02#

However, the MAC addresses as reported by the server are as follows:

38e7.d38c.ab12
38e7.d38c.ab34
38e7.d38c.ab56
38e7.d38c.ab78

Verified physical ports are connected on both the server and the routers.  Green lights appear on both the router ports and the server ports.  This server is powered on and has been powered on for months.  

 

Is there a way to determine the router ports an active server is connected too?

 

Cheers,
TK

6 Replies 6

marce1000
VIP
VIP

 

 - Will be difficult if the particular server has not been active for a while or a long while, another approach is network management by knowledge and note the connections (which host) for each port.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Thank you however, this server has been active for a long time. 

 

Cheers,

TK

 

 - Has been , or is currently active is a big difference.

  M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

I've edited my original post. Hoping it clarifies further. 

 

'Currently' implies that things might change to the state.  Such as some impatient soul restarting the devices.  Or it could suggest the host shuts down after a period of time due to some hardware issue.  I wanted to avoid any such implied meaning.  ;) 

 

I suppose I'll stick to the wording 'Routers and switches are all powered on right now.  Servers uptime is 117 days as shown from the ssh terminal.  There are no reported hardware issues with the server or the routers.'  

 

;)

 

Cheers,
TK

 

 

Hi,

Then your server is up and running. You could SSH to the server which mean you got the server's IP Address. If you remote accessing the server on different subnet, you can obtain ARP entry on server's default gateway.

 

 

router# show arp | include <server's IP>
<...omitted..>
Internet    <server's IP>         0        xxxx.yyyy.zzzz   ARPA   

If you were accessing the server on the same subnet, you could obtain the ARP entry on your machine.

 

$arp -a | grep <server's IP>
<server's IP> xx-xx-yy-yy-zz-zz dynamic

 

Then, on you switches, trace the mac address

 

 

switch01# show mac address | include xxxx.yyyy.zzzz
<...omitted..>
   15      xxxx.yyyy.zzzz     DYNAMIC     Fa0/1

 

Check the port:

switch01# show run interface Fa0/1
<...omitted..>
interface FastEthernet 0/1
description To Switch02
switchport mode trunk

 

It's connected to Switch02, then you go to switch02, and trace the mac address again.

 

switch02# show mac address | include xxxx.yyyy.zzzz
<...omitted..>
   15      xxxx.yyyy.zzzz     DYNAMIC     Fa0/10

 

Check the port; Oops, no description on the port. You try your best to check if this port is connected to a switch or the server.

switch02# show run interface Fa0/10
<...omitted..>
interface FastEthernet 0/10
switchport mode access
switchport access vlan 15

 

No CDP/LLDP neighbor is found, the port is not likely connected to a switch. (you cannot 100% sure about that, as remote switch might disabled lldp/cdp)

switch02# show cdp neighbor | include 0/10
switch02#
switch02# show lldp neighbor | include 0/10
switch02#

One more hints from the output of "show mac address". If you found only 1 mac address, then it's very likely your server is connected to this port.

 

switch02# show mac address | include 0/10
15 xxxx.yyyy.zzzz DYNAMIC Fa0/10
15 xxxx.yyyy.aaaa DYNAMIC Fa0/10
15 xxxx.yyyy.bbbb DYNAMIC Fa0/10
switch02#

 

But if you found multiple mac address from that port (like the above example), then:

- If all the mac address listed are belong to your physical server (ESXi host can have multiple mac address for its VMs) , then it's very likely your server is connected to this port.

 

- If the mac address listed are from different physical server, then the port are connected to a switch. You need to go into that switch and re-run the MAC address tracking process.

 

And you may notice I used the word "likely", because there is no 100% guarantee at all. 

 

 

 

Thanks ngkin2010.  Will try and get back to you gents on how things went.  

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: